dsdb: give a better error message and return code on failed password change

author Andrew Bartlett <abartlet@samba.org>

Wed, 6 Nov 2013 02:54:17 +0000 (15:54 +1300)

committer Stefan Metzmacher <metze@samba.org>

Wed, 2 Apr 2014 15:12:46 +0000 (17:12 +0200)
author Andrew Bartlett <abartlet@samba.org>
Wed, 6 Nov 2013 02:54:17 +0000 (15:54 +1300)
committer Stefan Metzmacher <metze@samba.org>
Wed, 2 Apr 2014 15:12:46 +0000 (17:12 +0200)
diff --git a/source4/dsdb/common/util.c b/source4/dsdb/common/util.c

index 8cecf79e020df847be5c5b8b1ec773cae10ef4dc..0ad0ea37ed70a8cd0d47050fa05a48c3c1d2f87e 100644 (file)
--- a/source4/dsdb/common/util.c
+++ b/source4/dsdb/common/util.c
@@ -2174,7 +2174,12 @@ NTSTATUS samdb_set_password(struct ldb_context *ldb, TALLOC_CTX *mem_ctx,
         } else if (ret == LDB_ERR_NO_SUCH_OBJECT) {
                 /* don't let the caller know if an account doesn't exist */
                 status = NT_STATUS_WRONG_PASSWORD;
+       } else if (ret == LDB_ERR_INSUFFICIENT_ACCESS_RIGHTS) {
+               status = NT_STATUS_ACCESS_DENIED;
         } else if (ret != LDB_SUCCESS) {
+               DEBUG(1, ("Failed to set password on %s: %s\n",
+                         ldb_dn_get_linearized(msg->dn),
+                         ldb_errstring(ldb)));
                 status = NT_STATUS_UNSUCCESSFUL;
         }
author	Andrew Bartlett <abartlet@samba.org>
	Wed, 6 Nov 2013 02:54:17 +0000 (15:54 +1300)
committer	Stefan Metzmacher <metze@samba.org>
	Wed, 2 Apr 2014 15:12:46 +0000 (17:12 +0200)